-CoGuard blog-
Cyber Security
CoGuard and API Security

Let's take a dive into API security. In this article we explore the history of APIs, available tooling, and all the components-not just the endpoints-that need to be considered to set up and maintain secure APIs.

Read post
Arrow pointing right
Cyber Security
Protect Your Business from Ransomware: Addressing the Root Causes

Ransomware remains a top threat for organizations, yet many still treat symptoms rather than tackling the root causes. Microsoft research reveals that over 80% of ransomware attacks stem from common configuration errors, therefore, hardening your configurations is the best protection.

Read post
Arrow pointing right
All
Product Updates
In The News
DevOps Tips
Cyber Security
Cyber Security
CoGuard and API Security

Let's take a dive into API security. In this article we explore the history of APIs, available tooling, and all the components-not just the endpoints-that need to be considered to set up and maintain secure APIs.

Cyber Security
Healthy Configurations for HIPAA Compliance

Compliance with the Health Insurance Portability and Accountability Act (HIPAA) is a must for organizations that handle protected health information (PHI). This article addresses how to ensure that your application(s) and the surrounding infrastructure is (and stays) compliant with examples of what can go wrong.

Case Study
CoGuard Case Study at Support Logic

In this article, we are going through some of the value SupportLogic has received from our automated scan, which has confirmed our position on blind spots in organizations for years.

Cyber Security
Protect Your Business from Ransomware: Addressing the Root Causes

Ransomware remains a top threat for organizations, yet many still treat symptoms rather than tackling the root causes. Microsoft research reveals that over 80% of ransomware attacks stem from common configuration errors, therefore, hardening your configurations is the best protection.

Cyber Security
The Rise of Configuration Files… What you need to know about Fedramp Rev 5

FedRAMP Revision 5 introduces a new requirement in Section CA-7: monthly scans of configuration files. In this blog, we'll break down what this update means and provide quick tips on how to meet this new requirement efficiently.

In The News
Updates … My perspective on the recent Microsoft/Crowdstrike Outage

A perspective on the recent outage of Microsoft Windows systems running Crowdstrike's Falcon, and how a comprehensive configuration scanning solution is the key to preventing this and similar issues.

Press Release
Enhancing Automated Configuration Security Capabilities with OpenAI Grant Funding

Coguard extends infrastructure security scanning and audits with OpenAI's Cybersecurity Grant. Quickly add emerging software applications and infrastructures to penetration tests and infrastructure audits. Improve security audit speed for emerging tech.

Cyber Security
Are AWS Account IDs secrets?

Uncover the Truth: Are AWS Account IDs Secrets? Learn Crucial Insights for ECR Security and Prevention. Essential Reading for IT Managers and Administrators!

DevOps Tips
Securing Multi-Cloud Environments: Monitoring, Logging, and Best Practices

Explore the advantages of multi-cloud architecture for flexibility and risk management. Implement secure back-end VPN connections, monitor efficiently with the ELK stack, and enforce robust authentication. Enhance logging configurations effortlessly with CoGuard.

DevOps Tips
You have been breached…now what?

There is a scramble to figure out what to do and how to recover during a systems breach. Ensuring your logging is properly configured is the best way to preserve evidence to recover, and harden.

In The News
Automation and Singletons in Infrastructure Setups

A review of the post mortem on Launchnodes slashing incident. And how to run static analysis of IaC, container and infrastructure to identify slashing risks in infrastructure setups for Web3 validators.

Dangerous Defaults
Dangerous Defaults # 3 - Rules overwriting each other

Terraform has an interesting quirk. Security groups can be defined inline using 2 different methods. Like in Ghostbusters, you should never cross stream. Mixing methods might be valid but it causes unexpected security settings. CoGuard is the only IaC scanner that identifies the overwritten rules sets.

Dangerous Defaults
Dangerous Defaults # 2 - MSK choose Uptime or Data Integrity

Default configurations for PaaS providers maybe different than the default cofigurations for the same applications in a Docker container. We use three different IaC configuration scanners to identify configuration settings including a tradeoff data integrity vs uptime in Amazon MSK. #iac #aws #kafka #config

Dangerous Defaults
Dangerous Defaults # 1 - AWS VPC and VPNs with No Backups Enabled

We evaluate the configuration for setting up AWS GPU VPC and VPNs using CoGuard, Snyk and KICS #aws #cloudformation #iac #config #backups #configuration

Troubleshooting Configurations
Avoiding Docker Nightmares: The Importance of Container Version Fixing for Infrastructure as Code

Prevent Docker Nightmares: Use Version Control & Static Analysis for IaC. Ensure stable builds & lock dependencies. CoGuard has you covered!

Troubleshooting Configurations
ElasticSearch’s most common reason for “exited unexpectedly”

Optimize ElasticSearch's First Run: Troubleshoot "Exited Unexpectedly" Error Ensure proper RAM allocation. Be aware of cross container, application and user limits to prevent unexpected exits. Find configuration collisions with CoGuard.

Troubleshooting Configurations
Fix the “connection refused” error in Postgres

"Troubleshoot 'Connection Refused' Error in Postgres Setup with CoGuard's Configuration File Scanner. Ensure Server Connectivity and Security."

Cyber Security
Shared Responsibility Model for PaaS - A Look at Pantheon

Learn about the shared responsibility model for Platform as a Service (PaaS) using Pantheon as an example. A CoGuard scan of a Pantheon MySQL instance revealed various security concerns, highlighting the need for proactive configuration checks when using PaaS providers.

DevOps Tips
Elevating the Standard: A Deeper Look into CoGuard

Configuration changes are just as risky as code changes. Here's our take on the tooling required to give configurations the same, rigorous quality assurance and testing as code and why it's necessary.

Cyber Security
Faster White-Box Penetration Testing Through Static Analysis of Configuration Files

The article discusses penetration testing – methods to identify and patch vulnerabilities in an organization's systems and how technology has evolved to make in depth white box penetration testing possible.

Press Release
The Teledyne FLIR ELB Team automates configuration security in their CI/CD pipeline with CoGuard.

Explore a use case of CoGuard to help developer teams fix issues quickly and maintain overall stability of their systems.

Press Release
Unlocking the Potential: Quantstamp works with CoGuard to perform infrastructure security evaluations

Quantstamp, a leading provider of smart contract audits, has partnered with CoGuard to identify misconfigurations and vulnerabilities of Web2 infrastructure within Web3 stacks.

DevOps Tips
Security hardening a new React project

You can use this article as a guideline for your own projects, and it is not restricted to React/NodeJS specifically. We have shown how to initialize a project, and the components that need to be present. With this article, you get a sense on what it takes to fix the initial items that are flagged. Maintaining a clean report for each tool as you build the project will set you up for scale, and give you confidence that your changes will not break things that easily.

DevOps Tips
Setting up a project with a security-hardened CI/CD pipeline

This article demonstrates how to start building a react application, get it committed to GitHub and set up linting and code scanning. Then we set up and use GitHub Actions, Docker, Docker Compose, GitHub Secrets and CoGuard to build and secure the initial CI/CD pipeline.

Product Updates
Announcement: Support for OpenTelemetry Collector

CoGuard CLI adds configuration file security scanning support for OpenTelemetry users. CoGuard provides OpenTelemetry users an automated pre-deployment security scanning tool that identifies and scans Collector configuration files and their dependencies for known misconfigurations and vulnerabilities.

Product Updates
Add security configuration analysis to your Pipelines using Jenkins Scripts

The goal of this article is to serve as a tutorial on the creation of Jenkins Scripts to add security configuration analysis using CoGuard-CLI to your Jenkins Pipeline.

DevOps Tips
What are our resources in the cloud?

Generating and maintaining a list of cloud resources is a challenge for DevOps and IT departments that are not using IaC. We look at how to generate a list of resources and configurations across providers (AWS, GCP, Azure, etc.) and include ways to make the list portable using TerraForm.

DevOps Tips
How to Include CoGuard CLI into BitBucket Pipelines

In this short article, we are going to show you an example script on how to include CoGuard’s CLI functionality into your BitBucket Pipelines.

DevOps Tips
The Infrastructure as Code disruption is not done yet…It is just getting started!

IaC adoption is still in progress, there are several ways of working that are common in the programming world are still not fully applied to it and have great potential to help us build more reliable, scalable and secure infrastructures.

Cyber Security
The different flavours of Docker image security

This article focuses on outlining the difference between some of the common image security scanners out there, what they are scanning for, and what the major differences are.

In The News
The Canada wide Rogers outage on July 8, 2022: What exactly happened & how can it be prevented?

This article discusses what happened to cause the Roger's outage on July 8th 2022, why it took an entire day to get their systems back online and how to prevent this moving forward.

DevOps Tips
How to verify your downloads in Docker builds

This article is focussed on how to ensure that downloads via `curl` or `wget` are being verified correctly and provides our solution for checking if you forgot to verify signatures.

DevOps Tips
Creating a Dockerfile? These are 7 things you should not forget!

This checklist will help you prevent certain deploy-errors or even outages in the future when working with Docker or Dockerfiles. To help you get started, we have also included a template.

Product Updates
Introducing CoGuard's free & quick CLI tool: Take a deep dive into your Docker images in seconds!

We have created a simple tool that automates the discovery of configuration files inside containers and scans them in for security and quality vulnerabilities and if any are found, fix instructions are provided-in seconds!

Product Updates
CoGuard is not just another security vulnerability scanner.....Really!

Many organizations employ tools to help secure their code, but completely forget about their configurations. This is where CoGuard comes in to help!

DevOps Tips
MySQL in AWS RDS is NOT automatically following CIS benchmarks!

When using AWS, the RDS service allows for many different SQL engines, including Oracle’s MySQL. Here are some of the things you need to consider and possibly fix before using the RDS instance because out of the box does not mean it's secure!

DevOps Tips
How Well Documented is Your IT Infrastructure?

Do you know what you have in your IT infrastructure?What’s your inventory? What’s installed? Do you know? Whose responsibility on your team is it to keep track of what's in your IT infrastructure and how it got there?

DevOps Tips
Your web server needs to be configured to never compress and encrypt at the same time

Common practice is to not use TLS and always keep using the latest version of the protocol, however, there is one danger that needs to be carefully considered: Compression.

DevOps Tips
Do you really want to deploy that dirty AWS default Kafka (MSK) configuration?

Kafka is s a well-engineered scalable messaging system, but along with it comes a large number of different configurations and one in particular that you need to look out for.

DevOps Tips
The one Kubernetes CIS benchmark check that needs to be included in ECS

Orchestration systems like ECS or Kubernetes are generally complex, making security holes easy to introduce. Read more to learn of a serious security vulnerability and how to avoid it.

Cyber Security
Setting Up CloudFront? You may have forgotten this commonly left out step

The security headers in the CloudFront responses is one of the top 10 OWASP security recommendations that we see missing in 75% of login portals we look at. Why is this?

DevOps Tips
How to configure software (and how you had better not!)

Here are some tips and tricks on how to configure your software and what to avoid.

Cyber Security
Services are allowed to run in an insecure way. Why is that, and what can we do about it?

From our experience, it takes teams at least three times longer to set up a service in a secure way compared to the initial “just make it work” setup, but it doesn't have to stay this way!

Research
Your 2fa is likely SHA1SSE

SHA1-based TOTP 2FA vulnerable to attacks? Improve security with stronger hashing algorithms like SHA-256 & SHA-512. Research on Authenticator app support shows limited support for stronger hashing. Keycloak, AWS Cognito, and others use SHA-1 by default. CoGuard's application discovery tools help identify misconfigurations and reduce exposure risk.

DevOps Tips
Cracking the Container Code: Navigating Kubernetes, Docker, Virtual Machines, Helm, and Secure Orchestration with Code Scanning

Explore the containerization landscape: Kubernetes, Docker, Helm, and orchestration. Secure deployments with code scanning for robust infrastructure as code.

Dangerous Defaults
Don’t let your IaC Configurations Drift

Manage configuration drift with IaC: understand, automate, and scan modules for security risks.

Press Release
Introducing the D.U.C.K. Initiative! 🦆

Discover the D.U.C.K. Initiative: Open-source tools for Lido node operators, pioneering safer Web3 staking. CoGuard collaborates with Quantstamp, Chainproof, Hypernative, Kiln, Lionscraft and Blockscape. Join the mission!

Cyber Security
Decoding Web3: Navigating the Crucial Role of Infrastructure - A Case Study

Uncover the Billion Dollar Web3 Exploit: Learn how overlooking Web2 security in blockchain infrastructure led to massive losses. Explore the case study with insights on vulnerabilities, server practices, and preventive measures.

Cyber Security
Differences between Including Software Libraries vs Containers

Navigating Libraries vs. Containers - Insights on Versioning, Code Scanning, and Configuration Safeguards for Developers and Security Teams

Dangerous Defaults
Rooting for Trouble: Unmasking the Perils of Root Access in Containers!

"Unmasking Risks: Running containers as root exposes host files! 🛑 Learn why it's a bad idea with a simple example. #ContainerSecurity #DevOps"

In The News
Session Tokens - Balancing Usability & Security

Learn from Okta's 2023 breach—stolen session tokens exposed in HAR files. Lessons on JWTs, session cookie security, and vital config changes for Okta, Keycloak, and AWS Cognito. Dive into defense in depth with CoGuard for configurations across your infrastructure layers.

Cyber Security
The Evolution of Static Analysis: From Blue Screens to Secure Infrastructures

History of static analysis and static application security testing (SAST) including the recent additions for infrastsructure, IaC and containers.

Cyber Security
Implementing Strong Cross-Tenant Security Boundaries

Do you run your secured workloads in the cloud? Countermeasures to prevent unauthorized access to ensure strong security boundaries to mitigate potential cross-tenant vulnerabilities in SaaS/PaaS applications

DevOps Tips
Configuration Drift: Causes and Prevention

Discover what configuration drift is and how it risks security. Explore solutions, including full IaC adoption, framework consistency, file separation, and more. Keep your infrastructure secure

Troubleshooting Configurations
Refused to load the script - Content Security Policy

Learn about Content Security Policy (CSP) , a powerful tool to protect against malicious content injections. Understand how to configure CSP for various use cases and enhance web security.

Troubleshooting Configurations
The Error Message You May Never See - MySQL Error 1175

Discover MySQL Error 1175 - SQL_SAFE_UPDATES Explained. Protect your data from unintended updates. Learn how to fix it with a simple configuration change.

Product Updates
Announcement: Support for OpenTelemetry Collector

CoGuard CLI adds configuration file security scanning support for OpenTelemetry users. CoGuard provides OpenTelemetry users an automated pre-deployment security scanning tool that identifies and scans Collector configuration files and their dependencies for known misconfigurations and vulnerabilities.

Product Updates
Add security configuration analysis to your Pipelines using Jenkins Scripts

The goal of this article is to serve as a tutorial on the creation of Jenkins Scripts to add security configuration analysis using CoGuard-CLI to your Jenkins Pipeline.

Product Updates
Introducing CoGuard's free & quick CLI tool: Take a deep dive into your Docker images in seconds!

We have created a simple tool that automates the discovery of configuration files inside containers and scans them in for security and quality vulnerabilities and if any are found, fix instructions are provided-in seconds!

Product Updates
CoGuard is not just another security vulnerability scanner.....Really!

Many organizations employ tools to help secure their code, but completely forget about their configurations. This is where CoGuard comes in to help!

In The News
Updates … My perspective on the recent Microsoft/Crowdstrike Outage

A perspective on the recent outage of Microsoft Windows systems running Crowdstrike's Falcon, and how a comprehensive configuration scanning solution is the key to preventing this and similar issues.

In The News
Session Tokens - Balancing Usability & Security

Learn from Okta's 2023 breach—stolen session tokens exposed in HAR files. Lessons on JWTs, session cookie security, and vital config changes for Okta, Keycloak, and AWS Cognito. Dive into defense in depth with CoGuard for configurations across your infrastructure layers.

In The News
Automation and Singletons in Infrastructure Setups

A review of the post mortem on Launchnodes slashing incident. And how to run static analysis of IaC, container and infrastructure to identify slashing risks in infrastructure setups for Web3 validators.

In The News
The Canada wide Rogers outage on July 8, 2022: What exactly happened & how can it be prevented?

This article discusses what happened to cause the Roger's outage on July 8th 2022, why it took an entire day to get their systems back online and how to prevent this moving forward.

DevOps Tips
Cracking the Container Code: Navigating Kubernetes, Docker, Virtual Machines, Helm, and Secure Orchestration with Code Scanning

Explore the containerization landscape: Kubernetes, Docker, Helm, and orchestration. Secure deployments with code scanning for robust infrastructure as code.

DevOps Tips
Securing Multi-Cloud Environments: Monitoring, Logging, and Best Practices

Explore the advantages of multi-cloud architecture for flexibility and risk management. Implement secure back-end VPN connections, monitor efficiently with the ELK stack, and enforce robust authentication. Enhance logging configurations effortlessly with CoGuard.

DevOps Tips
You have been breached…now what?

There is a scramble to figure out what to do and how to recover during a systems breach. Ensuring your logging is properly configured is the best way to preserve evidence to recover, and harden.

DevOps Tips
Configuration Drift: Causes and Prevention

Discover what configuration drift is and how it risks security. Explore solutions, including full IaC adoption, framework consistency, file separation, and more. Keep your infrastructure secure

DevOps Tips
Elevating the Standard: A Deeper Look into CoGuard

Configuration changes are just as risky as code changes. Here's our take on the tooling required to give configurations the same, rigorous quality assurance and testing as code and why it's necessary.

DevOps Tips
Security hardening a new React project

You can use this article as a guideline for your own projects, and it is not restricted to React/NodeJS specifically. We have shown how to initialize a project, and the components that need to be present. With this article, you get a sense on what it takes to fix the initial items that are flagged. Maintaining a clean report for each tool as you build the project will set you up for scale, and give you confidence that your changes will not break things that easily.

DevOps Tips
Setting up a project with a security-hardened CI/CD pipeline

This article demonstrates how to start building a react application, get it committed to GitHub and set up linting and code scanning. Then we set up and use GitHub Actions, Docker, Docker Compose, GitHub Secrets and CoGuard to build and secure the initial CI/CD pipeline.

DevOps Tips
What are our resources in the cloud?

Generating and maintaining a list of cloud resources is a challenge for DevOps and IT departments that are not using IaC. We look at how to generate a list of resources and configurations across providers (AWS, GCP, Azure, etc.) and include ways to make the list portable using TerraForm.

DevOps Tips
How to Include CoGuard CLI into BitBucket Pipelines

In this short article, we are going to show you an example script on how to include CoGuard’s CLI functionality into your BitBucket Pipelines.

DevOps Tips
The Infrastructure as Code disruption is not done yet…It is just getting started!

IaC adoption is still in progress, there are several ways of working that are common in the programming world are still not fully applied to it and have great potential to help us build more reliable, scalable and secure infrastructures.

DevOps Tips
How to verify your downloads in Docker builds

This article is focussed on how to ensure that downloads via `curl` or `wget` are being verified correctly and provides our solution for checking if you forgot to verify signatures.

DevOps Tips
Creating a Dockerfile? These are 7 things you should not forget!

This checklist will help you prevent certain deploy-errors or even outages in the future when working with Docker or Dockerfiles. To help you get started, we have also included a template.

DevOps Tips
MySQL in AWS RDS is NOT automatically following CIS benchmarks!

When using AWS, the RDS service allows for many different SQL engines, including Oracle’s MySQL. Here are some of the things you need to consider and possibly fix before using the RDS instance because out of the box does not mean it's secure!

DevOps Tips
How Well Documented is Your IT Infrastructure?

Do you know what you have in your IT infrastructure?What’s your inventory? What’s installed? Do you know? Whose responsibility on your team is it to keep track of what's in your IT infrastructure and how it got there?

DevOps Tips
Your web server needs to be configured to never compress and encrypt at the same time

Common practice is to not use TLS and always keep using the latest version of the protocol, however, there is one danger that needs to be carefully considered: Compression.

DevOps Tips
Do you really want to deploy that dirty AWS default Kafka (MSK) configuration?

Kafka is s a well-engineered scalable messaging system, but along with it comes a large number of different configurations and one in particular that you need to look out for.

DevOps Tips
The one Kubernetes CIS benchmark check that needs to be included in ECS

Orchestration systems like ECS or Kubernetes are generally complex, making security holes easy to introduce. Read more to learn of a serious security vulnerability and how to avoid it.

DevOps Tips
How to configure software (and how you had better not!)

Here are some tips and tricks on how to configure your software and what to avoid.

Cyber Security
CoGuard and API Security

Let's take a dive into API security. In this article we explore the history of APIs, available tooling, and all the components-not just the endpoints-that need to be considered to set up and maintain secure APIs.

Cyber Security
Healthy Configurations for HIPAA Compliance

Compliance with the Health Insurance Portability and Accountability Act (HIPAA) is a must for organizations that handle protected health information (PHI). This article addresses how to ensure that your application(s) and the surrounding infrastructure is (and stays) compliant with examples of what can go wrong.

Cyber Security
Protect Your Business from Ransomware: Addressing the Root Causes

Ransomware remains a top threat for organizations, yet many still treat symptoms rather than tackling the root causes. Microsoft research reveals that over 80% of ransomware attacks stem from common configuration errors, therefore, hardening your configurations is the best protection.

Cyber Security
The Rise of Configuration Files… What you need to know about Fedramp Rev 5

FedRAMP Revision 5 introduces a new requirement in Section CA-7: monthly scans of configuration files. In this blog, we'll break down what this update means and provide quick tips on how to meet this new requirement efficiently.

Cyber Security
Are AWS Account IDs secrets?

Uncover the Truth: Are AWS Account IDs Secrets? Learn Crucial Insights for ECR Security and Prevention. Essential Reading for IT Managers and Administrators!

Cyber Security
Decoding Web3: Navigating the Crucial Role of Infrastructure - A Case Study

Uncover the Billion Dollar Web3 Exploit: Learn how overlooking Web2 security in blockchain infrastructure led to massive losses. Explore the case study with insights on vulnerabilities, server practices, and preventive measures.

Cyber Security
Differences between Including Software Libraries vs Containers

Navigating Libraries vs. Containers - Insights on Versioning, Code Scanning, and Configuration Safeguards for Developers and Security Teams

Cyber Security
The Evolution of Static Analysis: From Blue Screens to Secure Infrastructures

History of static analysis and static application security testing (SAST) including the recent additions for infrastsructure, IaC and containers.

Cyber Security
Implementing Strong Cross-Tenant Security Boundaries

Do you run your secured workloads in the cloud? Countermeasures to prevent unauthorized access to ensure strong security boundaries to mitigate potential cross-tenant vulnerabilities in SaaS/PaaS applications

Cyber Security
Shared Responsibility Model for PaaS - A Look at Pantheon

Learn about the shared responsibility model for Platform as a Service (PaaS) using Pantheon as an example. A CoGuard scan of a Pantheon MySQL instance revealed various security concerns, highlighting the need for proactive configuration checks when using PaaS providers.

Cyber Security
Faster White-Box Penetration Testing Through Static Analysis of Configuration Files

The article discusses penetration testing – methods to identify and patch vulnerabilities in an organization's systems and how technology has evolved to make in depth white box penetration testing possible.

Cyber Security
The different flavours of Docker image security

This article focuses on outlining the difference between some of the common image security scanners out there, what they are scanning for, and what the major differences are.

Cyber Security
Setting Up CloudFront? You may have forgotten this commonly left out step

The security headers in the CloudFront responses is one of the top 10 OWASP security recommendations that we see missing in 75% of login portals we look at. Why is this?

Cyber Security
Services are allowed to run in an insecure way. Why is that, and what can we do about it?

From our experience, it takes teams at least three times longer to set up a service in a secure way compared to the initial “just make it work” setup, but it doesn't have to stay this way!

Book you seat in the webinar.

Tellus sed sit sit volutpat vitae. At gravida tellus magnis integer mollis augue ullamcorper.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Explore a test environment

Try here Demo
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Check out and explore a test environment to run infra audits on sample repositories of web applications and view select reports on CoGuard's interative dashboard today.

Book a Call
© 2021-2024 All rights reserved Heinle Solutions Inc.

Providing DevOps how-to-guides, security tips, and product updates.

View all
Cyber Security
CoGuard and API Security

Let's take a dive into API security. In this article we explore the history of APIs, available tooling, and all the components-not just the endpoints-that need to be considered to set up and maintain secure APIs.

Cyber Security
Healthy Configurations for HIPAA Compliance

Compliance with the Health Insurance Portability and Accountability Act (HIPAA) is a must for organizations that handle protected health information (PHI). This article addresses how to ensure that your application(s) and the surrounding infrastructure is (and stays) compliant with examples of what can go wrong.

Case Study
CoGuard Case Study at Support Logic

In this article, we are going through some of the value SupportLogic has received from our automated scan, which has confirmed our position on blind spots in organizations for years.